Keylogger?

04/02/2006 - 22:47 by MRC
I ran the Pest Patrol online scan and it tells me I have a keylogger.
It showed two of those registry paths; I deleted them, but my
question is: does deleting these remove the keylogger?
Also, for the past few days I have had several problems of the type "the Windows
shell has stopped unexpectedly"... is one thing related to the
other?

Here is the keylogger info:
Overview
Category
Key Logger : (Keystroke Logger). A program that runs in the background,
recording all the keystrokes. Once keystrokes are logged, they are hidden in
the machine for later retrieval, or shipped raw to the attacker. The attacker
then peruses them carefully in the hopes of either finding passwords, or
possibly other useful information that could be used to compromise the system
or be used in a social engineering attack. For example, a key logger will
reveal the contents of all e-mail composed by the user. Keylog programs are
commonly included in rootkits and RATs (remote administration trojans).





Origins
Author
ELTIMA Software GmbH

Date of Origin
Variants from May, 2000 to July, 2005



Detections:
List of Objects Present:
PestPatrol detects the following files and registry entries for this
software..



Executable Files:
advanced_keylogger.exe
systemroot+\idde\kmonitor.exe
systemroot+\idde\uninstall.exe
systemroot+\idde\trace.exe
systemroot+\idde\setup.exe
svchost.exe


DLL Files:
systemroot+\idde\psapi.dll
tmutils.dll
tmlib.dll


Registry Items:
HKEY_CLASSES_ROOT\clsid\{dee6806c-fb33-d04c-e1c6-8da9b2204850}
HKEY_LOCAL_MACHINE\software\licenses {i04015e42fbb54a1d}
HKEY_LOCAL_MACHINE\software\licenses {k7c0db872a3f777c0}
HKEY_LOCAL_MACHINE\software\licenses {r7c0db872a3f777c0}
HKEY_LOCAL_MACHINE\software\microsoft\idde
HKEY_LOCAL_MACHINE\software\microsoft\idde\km
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\svchost




Directories:

systemroot+\idde






Research
File Analysis
Advanced KEYLOGGER



Thanks!!
 


#1 José Gallardo
05/02/2006 - 09:06
Run Ad-Aware and Microsoft's antispyware on it.

Problems with Windows Update?
http://tinyurl.com/9nud8
Windows Update issues?
http://tinyurl.com/dyb6k




